CVE-2020-11242

Published on: 04/07/2021 12:00:00 AM UTC

Last Modified on: 04/12/2021 06:48:00 PM UTC

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Pm660 from Qualcomm contain the following vulnerability:

User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2020-11242 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
  • Affected Vendor/Software: Qualcomm, Inc. - Snapdragon Industrial IOT, Snapdragon Mobile version PM660, PM660A, PM660L, PM855A, PMM855AU, QAT3514, QAT3522, QAT3550, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QET4100, QET4101, QET4200AQ, QLN1021AQ, QLN1031, QLN1036AQ, QPA4340, QPA4360, QPA5460, QTC800H, QTC800S, RSW8577, SD 455, SD 636, SD660, SDM630, SDR660, SMB1351, WCD9335, WCD9340, WCD9341, WCN3950, WCN3980, WCN3990

CVSS3 Score: 7.8 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
LOCAL LOW LOW NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 7.2 - HIGH

Access
Vector
Access
Complexity
Authentication
LOCAL LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
COMPLETE COMPLETE COMPLETE

CVE References

Description Tags Link
April 2021 Security Bulletin | Qualcomm www.qualcomm.com
text/html
URL Logo CONFIRM www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

Related QID Numbers

  • 610331 Google Android Devices April 2021 Security Patch Missing

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
HardwareQualcommPm660-AllAllAll
HardwareQualcommPm660a-AllAllAll
Operating
System
QualcommPm660a Firmware-AllAllAll
HardwareQualcommPm660l-AllAllAll
Operating
System
QualcommPm660l Firmware-AllAllAll
Operating
System
QualcommPm660 Firmware-AllAllAll
HardwareQualcommPm855a-AllAllAll
Operating
System
QualcommPm855a Firmware-AllAllAll
HardwareQualcommPmm855au-AllAllAll
Operating
System
QualcommPmm855au Firmware-AllAllAll
HardwareQualcommQat3514-AllAllAll
Operating
System
QualcommQat3514 Firmware-AllAllAll
HardwareQualcommQat3522-AllAllAll
Operating
System
QualcommQat3522 Firmware-AllAllAll
HardwareQualcommQat3550-AllAllAll
Operating
System
QualcommQat3550 Firmware-AllAllAll
HardwareQualcommQca6564a-AllAllAll
HardwareQualcommQca6564au-AllAllAll
Operating
System
QualcommQca6564au Firmware-AllAllAll
Operating
System
QualcommQca6564a Firmware-AllAllAll
HardwareQualcommQca6574a-AllAllAll
HardwareQualcommQca6574au-AllAllAll
Operating
System
QualcommQca6574au Firmware-AllAllAll
Operating
System
QualcommQca6574a Firmware-AllAllAll
HardwareQualcommQca6595-AllAllAll
HardwareQualcommQca6595au-AllAllAll
Operating
System
QualcommQca6595au Firmware-AllAllAll
Operating
System
QualcommQca6595 Firmware-AllAllAll
HardwareQualcommQet4100-AllAllAll
Operating
System
QualcommQet4100 Firmware-AllAllAll
HardwareQualcommQet4101-AllAllAll
Operating
System
QualcommQet4101 Firmware-AllAllAll
HardwareQualcommQet4200aq-AllAllAll
Operating
System
QualcommQet4200aq Firmware-AllAllAll
HardwareQualcommQln1021aq-AllAllAll
Operating
System
QualcommQln1021aq Firmware-AllAllAll
HardwareQualcommQln1031-AllAllAll
Operating
System
QualcommQln1031 Firmware-AllAllAll
HardwareQualcommQln1036aq-AllAllAll
Operating
System
QualcommQln1036aq Firmware-AllAllAll
HardwareQualcommQpa4340-AllAllAll
Operating
System
QualcommQpa4340 Firmware-AllAllAll
HardwareQualcommQpa4360-AllAllAll
Operating
System
QualcommQpa4360 Firmware-AllAllAll
HardwareQualcommQpa5460-AllAllAll
Operating
System
QualcommQpa5460 Firmware-AllAllAll
HardwareQualcommQtc800h-AllAllAll
Operating
System
QualcommQtc800h Firmware-AllAllAll
HardwareQualcommQtc800s-AllAllAll
Operating
System
QualcommQtc800s Firmware-AllAllAll
HardwareQualcommRsw8577-AllAllAll
Operating
System
QualcommRsw8577 Firmware-AllAllAll
HardwareQualcommSd455-AllAllAll
Operating
System
QualcommSd455 Firmware-AllAllAll
HardwareQualcommSd636-AllAllAll
Operating
System
QualcommSd636 Firmware-AllAllAll
HardwareQualcommSd660-AllAllAll
Operating
System
QualcommSd660 Firmware-AllAllAll
HardwareQualcommSdm630-AllAllAll
Operating
System
QualcommSdm630 Firmware-AllAllAll
HardwareQualcommSdr660-AllAllAll
Operating
System
QualcommSdr660 Firmware-AllAllAll
HardwareQualcommSmb1351-AllAllAll
Operating
System
QualcommSmb1351 Firmware-AllAllAll
HardwareQualcommWcd9335-AllAllAll
Operating
System
QualcommWcd9335 Firmware-AllAllAll
HardwareQualcommWcd9340-AllAllAll
Operating
System
QualcommWcd9340 Firmware-AllAllAll
HardwareQualcommWcd9341-AllAllAll
Operating
System
QualcommWcd9341 Firmware-AllAllAll
HardwareQualcommWcn3950-AllAllAll
Operating
System
QualcommWcn3950 Firmware-AllAllAll
HardwareQualcommWcn3980-AllAllAll
Operating
System
QualcommWcn3980 Firmware-AllAllAll
HardwareQualcommWcn3990-AllAllAll
Operating
System
QualcommWcn3990 Firmware-AllAllAll
  • cpe:2.3:h:qualcomm:pm660:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:pm660a:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:pm660a_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:pm660l:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:pm660l_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:pm660_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:pm855a:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:pm855a_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:pmm855au:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:pmm855au_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qat3514:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qat3514_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qat3522:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qat3522_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qat3550:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qat3550_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qet4100:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qet4100_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qet4101:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qet4101_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qet4200aq:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qet4200aq_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qln1021aq:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qln1021aq_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qln1031:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qln1031_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qln1036aq:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qln1036aq_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qpa4340:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qpa4340_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qpa4360:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qpa4360_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qpa5460:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qpa5460_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qtc800h:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qtc800h_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:qtc800s:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:qtc800s_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:rsw8577:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:rsw8577_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:sd455:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:sd455_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:sd636:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:sd636_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:sdr660:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:sdr660_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:smb1351:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:smb1351_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @CVEreport CVE-2020-11242 : User could gain access to secure memory due to incorrect argument into address range validation ap… twitter.com/i/web/status/1… 2021-04-07 07:59:07
Twitter Icon @WesUncensored New vulnerability on the NVD: CVE-2020-11242 ift.tt/2PXSnxL 2021-04-07 10:36:20
Twitter Icon @workentin New vulnerability on the NVD: CVE-2020-11242 ift.tt/2PXSnxL 2021-04-07 10:43:36
Twitter Icon @xanadulinux CVE-2020-11242 ift.tt/2PXSnxL 2021-04-07 10:56:50